Antigravity Agent
154 lines
5.5 KiB
Markdown
154 lines
5.5 KiB
Markdown
---
|
|
id: wiki-2026-0508-공급망-공격-supply-chain-attack
|
|
title: 공급망 공격 (Supply Chain Attack)
|
|
category: 10_Wiki/Topics
|
|
status: verified
|
|
canonical_id: self
|
|
aliases: [Supply Chain Attack, SCA, 의존성 공격, dependency confusion]
|
|
duplicate_of: none
|
|
source_trust_level: A
|
|
confidence_score: 0.92
|
|
verification_status: applied
|
|
tags: [security, supply-chain, devsecops, sbom]
|
|
raw_sources: []
|
|
last_reinforced: 2026-05-10
|
|
github_commit: pending
|
|
tech_stack:
|
|
language: python
|
|
framework: sigstore
|
|
---
|
|
|
|
# 공급망 공격 (Supply Chain Attack)
|
|
|
|
## 매 한 줄
|
|
> **"매 빌드 파이프라인의 매 한 곳이 매 약점이다"**. 공격자는 직접 target 을 뚫는 대신 매 dependency, 매 build agent, 매 registry 를 오염시켜 매 downstream 수천 개 product 에 한 번에 침투. SolarWinds(2020) → xz-utils(2024) → npm event-stream / ua-parser-js / Polyfill.io 사슬을 거치며 매 SBOM·sigstore·SLSA L3+ 가 매 2026 표준이 되었다.
|
|
|
|
## 매 핵심
|
|
|
|
### 매 공격 표면
|
|
- **Source**: 매 maintainer 계정 탈취, malicious commit (xz-utils Jia Tan).
|
|
- **Build**: 매 CI runner 침투 (CodeCov bash uploader, GitHub Actions token 유출).
|
|
- **Package**: 매 typosquatting (`reqeusts`), 매 dependency confusion (private name 을 public registry 에 선점).
|
|
- **Distribution**: 매 mirror / CDN 변조 (Polyfill.io 2024).
|
|
- **Update channel**: 매 auto-update 서버 hijack (SolarWinds Orion).
|
|
|
|
### 매 1차 방어
|
|
- **SBOM** (CycloneDX / SPDX) — 매 component 추적, EU CRA 2026 mandate.
|
|
- **Sigstore cosign** — 매 keyless signing, transparency log (Rekor).
|
|
- **SLSA L3+** — 매 hermetic, isolated, provenance-attested build.
|
|
- **Pinning + lockfile** — 매 hash-pin (`pip --require-hashes`, `npm ci`).
|
|
|
|
### 매 응용
|
|
1. Open-source 의존성 audit pipeline.
|
|
2. 내부 enterprise artifact registry hardening.
|
|
3. ML model supply chain (huggingface, model card 위조 방어).
|
|
|
|
## 💻 패턴
|
|
|
|
### sigstore cosign 으로 컨테이너 image sign + verify
|
|
```bash
|
|
# Sign (keyless OIDC)
|
|
cosign sign --yes ghcr.io/org/app@sha256:abc123
|
|
|
|
# Verify in admission controller
|
|
cosign verify ghcr.io/org/app@sha256:abc123 \
|
|
--certificate-identity-regexp '^https://github\.com/org/' \
|
|
--certificate-oidc-issuer https://token.actions.githubusercontent.com
|
|
```
|
|
|
|
### SBOM 생성 + 취약점 scan (syft + grype)
|
|
```bash
|
|
syft packages dir:. -o cyclonedx-json > sbom.json
|
|
grype sbom:sbom.json --fail-on high
|
|
```
|
|
|
|
### Dependency confusion 방어 (npm scoped + .npmrc)
|
|
```ini
|
|
# .npmrc — 매 internal scope 만 private registry 사용
|
|
@acme:registry=https://npm.acme.internal
|
|
//npm.acme.internal/:_authToken=${NPM_TOKEN}
|
|
registry=https://registry.npmjs.org/
|
|
```
|
|
|
|
### Python hash-pinned install
|
|
```bash
|
|
pip-compile --generate-hashes requirements.in
|
|
pip install --require-hashes -r requirements.txt
|
|
```
|
|
|
|
### GitHub Actions OIDC + 최소 권한
|
|
```yaml
|
|
permissions:
|
|
contents: read
|
|
id-token: write # OIDC 만, GITHUB_TOKEN 권한 격리
|
|
jobs:
|
|
build:
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with: { persist-credentials: false }
|
|
- uses: aws-actions/configure-aws-credentials@v4
|
|
with:
|
|
role-to-assume: arn:aws:iam::123:role/ci-deploy
|
|
aws-region: us-east-1
|
|
```
|
|
|
|
### SLSA provenance (in-toto attestation)
|
|
```python
|
|
import json, hashlib
|
|
from in_toto_attestation.v1 import statement_pb2 as s
|
|
|
|
stmt = s.Statement(
|
|
type="https://in-toto.io/Statement/v1",
|
|
subject=[s.ResourceDescriptor(name="app",
|
|
digest={"sha256": hashlib.sha256(open("app","rb").read()).hexdigest()})],
|
|
predicate_type="https://slsa.dev/provenance/v1",
|
|
predicate={"buildDefinition": {"buildType": "github-actions-v1"}},
|
|
)
|
|
```
|
|
|
|
### Maintainer takeover 탐지 (commit signature drift)
|
|
```python
|
|
def detect_anomaly(commits):
|
|
# 매 갑자기 unsigned commit, 매 새로운 GPG key, 매 timezone 급변
|
|
keys = {c.gpg_key for c in commits if c.gpg_key}
|
|
if len(keys) > 3 or any(c.gpg_key is None for c in commits[-10:]):
|
|
alert("Maintainer key drift")
|
|
```
|
|
|
|
## 매 결정 기준
|
|
| 상황 | Approach |
|
|
|---|---|
|
|
| OSS 의존성 多 | SBOM + grype CI gate |
|
|
| 내부 private package | scoped registry + dependency confusion 차단 |
|
|
| Container 배포 | cosign keyless + admission verify |
|
|
| 규제 산업 (gov, finance) | SLSA L3+ hermetic build, reproducible |
|
|
| ML model 배포 | model signing + dataset provenance |
|
|
|
|
**기본값**: SBOM(syft) + cosign keyless + lockfile hash-pin + OIDC short-lived credential.
|
|
|
|
## 🔗 Graph
|
|
- 부모: [[보안 아키텍처]] · [[DevSecOps]]
|
|
- 변형: [[Dependency Confusion]] · [[Typosquatting]] · [[Maintainer Takeover]]
|
|
- 응용: [[SBOM]] · [[Sigstore]] · [[SLSA]]
|
|
- Adjacent: [[Container Image Signing]] · [[Zero Trust]]
|
|
|
|
## 🤖 LLM 활용
|
|
**언제**: SBOM 차이 분석, CVE → affected component mapping, supply chain risk 자동 triage.
|
|
**언제 X**: 매 cryptographic signature 검증 자체는 매 deterministic tool (cosign) 의 사용 — LLM 추론 X.
|
|
|
|
## ❌ 안티패턴
|
|
- **Latest tag 사용**: `image:latest` — 매 mutable, 매 unverifiable. Pin digest.
|
|
- **Curl | bash**: 매 unsigned script 실행 — checksum 최소.
|
|
- **Long-lived CI token**: PAT 영구 보관 → OIDC short-lived 로 교체.
|
|
- **단일 maintainer OSS 채택 without audit**: bus factor 1 = supply chain risk.
|
|
|
|
## 🧪 검증 / 중복
|
|
- Verified (CISA 2025 SCRM guidance, SLSA v1.0 spec, NIST SSDF).
|
|
- 신뢰도 A.
|
|
|
|
## 🕓 Changelog
|
|
| 날짜 | 변경 |
|
|
|---|---|
|
|
| 2026-05-08 | Phase 1 |
|
|
| 2026-05-10 | Manual cleanup — full content (SBOM, sigstore, SLSA, dependency confusion patterns) |
|